This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/dea8f4-d688-4524-af29-3f6d7d7ea1b0/1/sOo_7lt_CItRUPeJIsaf3epL6wo.roa File: sOo_7lt_CItRUPeJIsaf3epL6wo.roa (raw, json) Hash identifier: FUDCuTGox9W1RZs2Qc7K596tec/Dho0eAg3ld5/PpMo= Subject key identifier: B0:EA:3F:EE:5B:7F:08:8B:51:50:F7:89:22:C6:9F:DD:EA:4B:EB:0A Certificate issuer: /CN=87eb97f98c882ef426b36663411d4081430ac421 Certificate serial: 019B7F1572928C624FD97C53A6B12691304D Authority key identifier: 87:EB:97:F9:8C:88:2E:F4:26:B3:66:63:41:1D:40:81:43:0A:C4:21 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-uX-YyILvQms2ZjQR1AgUMKxCE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/dea8f4-d688-4524-af29-3f6d7d7ea1b0/1/sOo_7lt_CItRUPeJIsaf3epL6wo.roa Signing time: Fri 02 Jan 2026 14:21:10 +0000 ROA not before: Fri 02 Jan 2026 14:21:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207771 IP address blocks: 2001:67c:970::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/dea8f4-d688-4524-af29-3f6d7d7ea1b0/1/h-uX-YyILvQms2ZjQR1AgUMKxCE.crl rsync://rpki.ripe.net/repository/DEFAULT/99/dea8f4-d688-4524-af29-3f6d7d7ea1b0/1/h-uX-YyILvQms2ZjQR1AgUMKxCE.mft rsync://rpki.ripe.net/repository/DEFAULT/h-uX-YyILvQms2ZjQR1AgUMKxCE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:72:92:8c:62:4f:d9:7c:53:a6:b1:26:91:30:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87eb97f98c882ef426b36663411d4081430ac421 Validity Not Before: Jan 2 14:21:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b0ea3fee5b7f088b5150f78922c69fddea4beb0a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:97:f7:90:1b:64:02:fe:1d:52:19:dd:6b:47: 2f:1d:1e:8b:a8:43:db:18:21:f1:11:7c:cd:f9:b5: b3:78:cb:a3:ba:99:a6:31:9c:86:54:bf:34:f7:a6: f4:a6:5d:8c:fc:ec:af:e6:3a:98:f6:89:ca:26:14: 99:ef:22:65:6b:34:b6:9c:16:8f:dd:02:6a:d6:ca: aa:66:47:d9:c9:67:53:69:ef:fd:bb:f3:63:b6:01: e5:54:3e:42:c3:71:65:06:56:12:9c:41:86:92:fb: 01:fb:19:8a:8e:8b:b2:80:d5:cb:1e:fa:58:2d:f4: 27:ca:4d:0f:91:9c:e7:2e:c0:50:84:b3:9b:5e:77: 08:2a:d1:d0:41:4a:e7:6e:86:d0:c5:bc:08:7e:31: 19:84:09:4e:8f:0b:10:f5:e1:b1:5b:dd:17:b5:c4: 1f:92:34:52:02:15:1d:48:63:e2:02:0c:6a:da:29: ff:3a:27:75:ef:75:fd:ba:56:53:75:8d:34:54:c1: 06:62:cd:1d:cc:c9:5c:b9:ce:9e:9e:15:eb:8b:fe: 45:07:b3:4b:fb:57:66:63:74:d3:b9:3d:c1:d7:25: 1e:48:d0:07:b9:36:a8:31:59:8d:9f:a0:cb:0d:44: d5:c4:b7:15:b7:65:dc:f2:c8:c9:e0:26:01:27:8d: fb:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:EA:3F:EE:5B:7F:08:8B:51:50:F7:89:22:C6:9F:DD:EA:4B:EB:0A X509v3 Authority Key Identifier: keyid:87:EB:97:F9:8C:88:2E:F4:26:B3:66:63:41:1D:40:81:43:0A:C4:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-uX-YyILvQms2ZjQR1AgUMKxCE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/dea8f4-d688-4524-af29-3f6d7d7ea1b0/1/sOo_7lt_CItRUPeJIsaf3epL6wo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/dea8f4-d688-4524-af29-3f6d7d7ea1b0/1/h-uX-YyILvQms2ZjQR1AgUMKxCE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:970::/48 Signature Algorithm: sha256WithRSAEncryption a4:37:bf:b2:97:03:40:93:1f:8a:76:a0:df:d7:56:25:0f:84: d1:15:14:2c:2a:e6:0c:3b:d5:9e:f4:65:20:8e:78:b6:43:b7: f3:f3:91:3e:af:54:82:2e:c1:fe:31:eb:32:85:5d:f5:b9:ea: cf:01:51:2a:a9:fb:d7:2e:63:31:6f:2d:02:92:66:76:b7:b6: 90:23:48:49:5b:77:0b:63:39:a6:a0:6a:39:01:ab:5a:44:57: bd:cc:b1:60:55:e5:aa:af:94:5f:d2:9e:39:0b:a5:e2:dc:51: 67:a6:df:fc:cb:07:83:50:ff:19:8b:8a:17:28:66:c1:90:5e: 69:fc:f2:db:01:ec:5c:f4:c2:0d:ac:ba:c3:34:79:1c:b9:36: b4:e5:2a:7b:5f:3b:6b:bd:d6:24:04:d2:97:3d:69:e7:2d:06: 94:6a:8f:2c:7a:32:cb:ce:2f:a1:5a:c9:16:35:b4:d7:d8:77: 88:08:a2:1a:1c:68:f4:77:f8:69:b4:88:ef:0b:19:19:d4:b4: d5:9a:68:ef:ca:86:33:da:c8:14:3f:fb:e9:a3:d2:b9:01:34: 1e:52:7b:0d:3c:64:ad:6a:ca:e7:96:3d:ab:d4:1a:ae:96:e6: d9:d8:b9:35:64:77:66:85:85:26:02:1c:53:f7:1d:b7:63:f4: d7:6c:e4:1d -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/FXKSjGJP2XxTprEmkTBNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3ZWI5N2Y5OGM4ODJlZjQyNmIzNjY2MzQxMWQ0MDgxNDMw YWM0MjEwHhcNMjYwMTAyMTQyMTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMGVhM2ZlZTViN2YwODhiNTE1MGY3ODkyMmM2OWZkZGVhNGJlYjBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5f3kBtkAv4dUhnda0cvHR6LqEPb GCHxEXzN+bWzeMujupmmMZyGVL8096b0pl2M/Oyv5jqY9onKJhSZ7yJlazS2nBaP 3QJq1sqqZkfZyWdTae/9u/NjtgHlVD5Cw3FlBlYSnEGGkvsB+xmKjouygNXLHvpY LfQnyk0PkZznLsBQhLObXncIKtHQQUrnbobQxbwIfjEZhAlOjwsQ9eGxW90XtcQf kjRSAhUdSGPiAgxq2in/Oid173X9ulZTdY00VMEGYs0dzMlcuc6enhXri/5FB7NL +1dmY3TTuT3B1yUeSNAHuTaoMVmNn6DLDUTVxLcVt2Xc8sjJ4CYBJ437SQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFLDqP+5bfwiLUVD3iSLGn93qS+sKMB8GA1UdIwQY MBaAFIfrl/mMiC70JrNmY0EdQIFDCsQhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaC11WC1ZeUlMdlFtczJaalFSMUFnVU1LeENFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kZWE4ZjQtZDY4OC00NTI0LWFmMjkt M2Y2ZDdkN2VhMWIwLzEvc09vXzdsdF9DSXRSVVBlSklzYWYzZXBMNndvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS9kZWE4ZjQtZDY4OC00NTI0LWFmMjktM2Y2ZDdkN2VhMWIw LzEvaC11WC1ZeUlMdlFtczJaalFSMUFnVU1LeENFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAlw MA0GCSqGSIb3DQEBCwUAA4IBAQCkN7+ylwNAkx+KdqDf11YlD4TRFRQsKuYMO9We 9GUgjni2Q7fz85E+r1SCLsH+MesyhV31uerPAVEqqfvXLmMxby0CkmZ2t7aQI0hJ W3cLYzmmoGo5AataRFe9zLFgVeWqr5Rf0p45C6Xi3FFnpt/8yweDUP8Zi4oXKGbB kF5p/PLbAexc9MINrLrDNHkcuTa05Sp7XztrvdYkBNKXPWnnLQaUao8sejLLzi+h WskWNbTX2HeICKIaHGj0d/hptIjvCxkZ1LTVmmjvyoYz2sgUP/vpo9K5ATQeUnsN PGStasrnlj2r1BqulubZ2Lk1ZHdmhYUmAhxT9x23Y/TXbOQd -----END CERTIFICATE-----Generated at Mon Jan 26 09:40:46 2026 by rpki-client